In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree. References: https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4313
Created claws-mail tracking bugs for this issue: Affects: fedora-all [bug 1861976]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.
Seems this was reported to upstream in February without a response, and referring to a "malicious IMAP server" makes it mostly something of academical interest only. There are other corner-cases left that can crash Claws Mail.